It probably makes sense to discuss why I called this “Security Duct Tape”. When looking at technology solutions, there seems to be a desire for magical fixes. A single remedy to today’s problems. We’re bombarded with marketing slogans like “Ransomware=Solved!” and products that claim to fix things like data breaches, data leakage, compliance, network gnomes, and coronal mass ejections. None of these things have been fixed (pesky gnomes), but worse than that, it creates a mindset that the next product will finally be the thing that fixes all of the things.

When talking about “Duct Tape” in this context, I mean putting in combinations of tools, utilities, and processes that solve real problems. Put another way, duct taping a bunch of things together so that they address a problem. Duct tape works. If NASA has used it to fix mission critical issues, we can certainly use it in a metaphorical sense to fix information security issues.

Let’s stop looking for the “sexy” solution that is better at killing budgets than vulnerabilities. Why haven’t we learned yet that all of these complex problems require more than a single product that gets dropped in? Don’t get me wrong, some products are great and have their place in an environment, but they are part of an overall solution, and multiple solutions add up to an organizations security program. In a perfect world, that program will be successful. Hopefully this site helps with that.